﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Web;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
using NB.MGJ.Model;
using NB.MGJ.Common.API;

namespace NB.MGJ.API
{
    /// <summary>
    /// 第三方接入API验证
    /// </summary>
    public class ThirdAuthorizeFilter : AuthorizationFilterAttribute
    {
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            var _controller = actionContext.ControllerContext.ControllerDescriptor.ControllerName;//controllerName
            var _action = actionContext.ActionDescriptor.ActionName;//actionName
            var _token = GetAccessTokenFormContext(actionContext);//token
            var _sign = GetAccessSignFormContext(actionContext);//sign
            var _timespan = GetAccessTimeSpanFromContext(actionContext);//timespan
            if (string.IsNullOrWhiteSpace(_token) || string.IsNullOrWhiteSpace(_sign))
            {
                throw new ApiErrorException("AccessTokenOrSignMiss");
            }
        }

        /// <summary>
        /// 从请求头中获取Token
        /// </summary>
        private string GetAccessTokenFormContext(HttpActionContext actionContext)
        {
            IEnumerable<string> _values = null;
            if (actionContext.Request.Headers.TryGetValues("Access-Token", out _values))
            {
                if (_values != null && _values.Count() != 0)
                {
                    return _values.FirstOrDefault();
                }
                return null;
            }
            else
            {
                HttpContextBase context = (HttpContextBase)actionContext.Request.Properties["MS_HttpContext"];
                HttpRequestBase request = context.Request;
                return request["access_token"];
            }
        }

        /// <summary>
        /// 从请求头中获取Sign
        /// </summary>
        private string GetAccessSignFormContext(HttpActionContext actionContext)
        {
            string _sign = string.Empty;
            IEnumerable<string> _values = null;
            if (actionContext.Request.Headers.TryGetValues("Access-Sign", out _values))
            {
                if (_values != null && _values.Count() != 0)
                {
                    return _values.FirstOrDefault();
                }
                return null;
            }
            else
            {
                HttpContextBase context = (HttpContextBase)actionContext.Request.Properties["MS_HttpContext"];
                HttpRequestBase request = context.Request;
                return request["access_sign"];
            }

        }

        /// <summary>
        /// 从请求头中获取时间戳
        /// </summary>
        private string GetAccessTimeSpanFromContext(HttpActionContext actionContext)
        {
            IEnumerable<string> _values = null;
            if (actionContext.Request.Headers.TryGetValues("Access-TimeSpan", out _values))
            {
                if (_values != null && _values.Count() != 0) return _values.FirstOrDefault();
                return null;
            }
            else
            {
                HttpContextBase context = (HttpContextBase)actionContext.Request.Properties["MS_HttpContext"];
                HttpRequestBase request = context.Request;
                return request["access_timespan"];
            }
        }
    }
}
